From 52d302e6d06f251a8a0efed46fb2896f468342d3 Mon Sep 17 00:00:00 2001 From: Mattia Rizzolo Date: Mon, 15 Jun 2015 18:29:31 +0200 Subject: reproducible: build: call timeout with sudo, and not the reverse, as a user-called timeout can't kill a root process + give pbuilder 6 minutes to exit after SIGTERM before SIGKILL --- bin/reproducible_build.sh | 6 ++++-- etc/sudoers.d/jenkins | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/bin/reproducible_build.sh b/bin/reproducible_build.sh index 6cbc486b..e0270a18 100755 --- a/bin/reproducible_build.sh +++ b/bin/reproducible_build.sh @@ -368,7 +368,8 @@ first_build(){ local TMPCFG=$(mktemp -t pbuilderrc_XXXX --tmpdir=$TMPDIR) set -x printf "BUILDUSERID=1111\nBUILDUSERNAME=pbuilder1\n" > $TMPCFG - ( timeout -k 12h 12h ionice -c 3 nice sudo \ + # remember to change the sudoers setting if you change the following command + ( sudo timeout -k 12.1h 12h /usr/bin/ionice -c 3 /usr/bin/nice \ DEB_BUILD_OPTIONS="parallel=$NUM_CPU" \ TZ="/usr/share/zoneinfo/Etc/GMT+12" \ pbuilder --build \ @@ -426,7 +427,8 @@ build_rebuild() { set -x local TMPCFG=$(mktemp -t pbuilderrc_XXXX --tmpdir=$TMPDIR) printf "BUILDUSERID=2222\nBUILDUSERNAME=pbuilder2\n" > $TMPCFG - ( timeout -k 12h 12h ionice -c 3 nice sudo \ + # remember to change the sudoers setting if you change the following command + ( sudo timeout -k 12.1h 12h /usr/bin/ionice -c 3 /usr/bin/nice \ DEB_BUILD_OPTIONS="parallel=$(echo $NUM_CPU-1|bc)" \ TZ="/usr/share/zoneinfo/Etc/GMT-14" \ LANG="fr_CH.UTF-8" \ diff --git a/etc/sudoers.d/jenkins b/etc/sudoers.d/jenkins index 103841a6..c8803602 100644 --- a/etc/sudoers.d/jenkins +++ b/etc/sudoers.d/jenkins @@ -29,8 +29,8 @@ jenkins ALL= \ /usr/bin/guestmount *, \ /bin/cp -rv /media/*, \ /bin/chown -R jenkins\:jenkins /var/lib/jenkins/jobs/*,\ - SETENV: NOPASSWD: /usr/sbin/pbuilder *, \ - SETENV: NOPASSWD: /usr/bin/linux64 --uname-2.6 /usr/bin/unshare --uts -- /usr/sbin/pbuilder *, \ + SETENV: NOPASSWD: /usr/bin/timeout -k 12.1h 12h /usr/bin/ionice -c 3 nice /usr/sbin/pbuilder *, \ + SETENV: NOPASSWD: /usr/bin/timeout -k 12.1h 12h /usr/bin/ionice -c 3 nice /usr/bin/linux64 --uname-2.6 /usr/bin/unshare --uts -- /usr/sbin/pbuilder *, \ /bin/mv /var/cache/pbuilder/*base*.tgz /var/cache/pbuilder/*base*.tgz, \ /bin/rm /var/cache/pbuilder/*base*.tgz, \ /bin/rm -v /var/cache/pbuilder/*base*.tgz, \ -- cgit v1.2.3-70-g09d2